Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/vmI-y8LCcyel6_X1q6eZWMkoLbg.roa
File: vmI-y8LCcyel6_X1q6eZWMkoLbg.roa (raw, json)
Hash identifier: PMpziLvezzz1c5AkY3VJIgpslyACKcEjz8yOov7BsWY=
Subject key identifier: BE:62:3E:CB:C2:C2:73:27:A5:EB:F5:F5:AB:A7:99:58:C9:28:2D:B8
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3B52
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vmI-y8LCcyel6_X1q6eZWMkoLbg.roa
Signing time: Sun 07 Apr 2024 16:22:34 +0000
ROA not before: Sun 07 Apr 2024 16:22:34 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15186 (0x3b52)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 7 16:22:34 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=BE623ECBC2C27327A5EBF5F5ABA79958C9282DB8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:b8:06:98:72:7c:19:b0:d8:b7:fe:e4:60:9d:
31:63:1a:60:4f:19:97:07:66:af:20:72:42:75:8d:
02:8a:3b:7e:39:ca:1c:91:97:6b:44:5b:4f:57:0c:
c2:fa:cf:40:9a:b1:4a:40:6a:8b:a5:75:db:83:29:
24:79:2e:90:72:1f:fc:57:ba:2f:99:88:d7:19:4f:
ca:fa:19:7a:29:09:00:74:b0:ed:83:3a:27:80:99:
68:ff:d7:a6:1f:3b:b5:15:a3:6e:62:22:d6:2e:37:
3d:cf:49:03:64:5c:e0:ca:9c:81:85:47:33:5f:3a:
79:66:3c:f5:21:a6:76:45:4f:06:c4:40:da:59:9d:
f7:27:0b:9f:a0:0b:58:5c:d5:4c:a1:b1:5a:87:55:
28:8b:6d:6a:b4:3e:cd:48:6c:84:8e:90:59:4e:9b:
e1:24:58:b8:e2:93:2b:26:4a:fa:a5:cd:c8:7a:fc:
37:54:6e:94:fd:e7:a4:01:0a:f6:7c:56:1d:a5:3a:
10:d6:f2:a4:20:5a:b0:fe:53:92:0d:87:16:56:31:
d8:1b:75:ff:3d:88:5d:c0:69:0d:ea:c1:ca:28:7a:
05:c6:0e:e7:62:76:d8:38:1d:04:92:20:4e:35:3e:
0b:c8:69:2f:67:95:25:38:09:60:79:4a:c0:ed:de:
f0:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:62:3E:CB:C2:C2:73:27:A5:EB:F5:F5:AB:A7:99:58:C9:28:2D:B8
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vmI-y8LCcyel6_X1q6eZWMkoLbg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
74:0a:0a:d9:c0:35:03:88:e0:af:c1:64:03:ec:3e:f1:fb:a9:
2d:5a:5c:1a:aa:75:de:eb:15:9a:06:cf:14:22:4e:b4:38:a0:
67:88:59:2f:47:ca:71:b4:1d:5b:19:7c:9b:b1:71:1e:61:0b:
8c:b3:0f:ae:e0:08:8f:e0:42:58:e1:76:42:35:cd:3c:08:f9:
39:2a:ec:1b:f4:ce:1d:8b:84:91:0c:1a:c3:0d:13:ba:29:6e:
99:2c:df:ea:9c:d6:30:44:6c:91:c0:a8:be:1c:4b:da:9f:63:
fe:ba:d7:b2:77:22:d7:a0:ca:73:12:6c:74:7b:a7:6e:72:ff:
00:74:f0:7e:75:46:18:e9:40:79:e9:8d:60:a5:23:b6:c7:d1:
3e:b7:52:58:35:0a:de:c0:52:ff:37:9a:e5:bc:2b:9a:6b:83:
6e:5b:fb:fb:ee:b9:45:97:6b:24:41:d6:19:78:1b:2d:11:c7:
ea:de:38:24:06:5e:7b:cd:7d:9d:df:8f:54:0a:e0:f6:3a:36:
0c:96:53:5f:23:a1:01:20:75:14:43:e8:49:a3:d9:62:d8:bb:
82:37:99:f0:18:a8:03:37:47:95:44:bb:e3:ba:d8:62:cd:e0:
3c:20:f5:50:b7:1d:66:14:7d:ac:07:05:d9:bc:18:d6:5e:3e:
db:1f:9a:e1
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICO1IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDcx
NjIyMzRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEJFNjIzRUNCQzJDMjcz
MjdBNUVCRjVGNUFCQTc5OTU4QzkyODJEQjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCquAaYcnwZsNi3/uRgnTFjGmBPGZcHZq8gckJ1jQKKO345yhyR
l2tEW09XDML6z0CasUpAaouldduDKSR5LpByH/xXui+ZiNcZT8r6GXopCQB0sO2D
OieAmWj/16YfO7UVo25iItYuNz3PSQNkXODKnIGFRzNfOnlmPPUhpnZFTwbEQNpZ
nfcnC5+gC1hc1UyhsVqHVSiLbWq0Ps1IbISOkFlOm+EkWLjikysmSvqlzch6/DdU
bpT956QBCvZ8Vh2lOhDW8qQgWrD+U5INhxZWMdgbdf89iF3AaQ3qwcooegXGDudi
dtg4HQSSIE41PgvIaS9nlSU4CWB5SsDt3vDvAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUvmI+y8LCcyel6/X1q6eZWMkoLbgwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3ZtSS15OExDY3llbDZf
WDFxNmVaV01rb0xiZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAdAoK2cA1A4jgr8FkA+w+8fupLVpcGqp1
3usVmgbPFCJOtDigZ4hZL0fKcbQdWxl8m7FxHmELjLMPruAIj+BCWOF2QjXNPAj5
OSrsG/TOHYuEkQwaww0TuilumSzf6pzWMERskcCovhxL2p9j/rrXsnci16DKcxJs
dHunbnL/AHTwfnVGGOlAeemNYKUjtsfRPrdSWDUK3sBS/zea5bwrmmuDblv7++65
RZdrJEHWGXgbLRHH6t44JAZee819nd+PVArg9jo2DJZTXyOhASB1FEPoSaPZYti7
gjeZ8BioAzdHlUS747rYYs3gPCD1ULcdZhR9rAcF2bwY1l4+2x+a4Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:53 2024 by rpki-client on console-fra.rpki-client.org